From efc3b12fdbe38f023b70839df5653ecae5ce44d3 Mon Sep 17 00:00:00 2001 From: Luca Boccassi Date: Mon, 10 Aug 2020 11:45:07 +0100 Subject: [PATCH] tree-wide: enable/disable libcrypsetup debug output depending on our level Avoid always setting to debug, as it will incur in many more callbacks from libcrypsetup that then get discarded, wasting resources. --- src/cryptsetup/cryptsetup.c | 9 +++------ src/home/homework-luks.c | 12 ++++++------ src/partition/growfs.c | 6 ++---- src/shared/crypt-util.c | 8 +++++++- src/shared/crypt-util.h | 2 +- src/shared/dissect-image.c | 4 ++-- src/veritysetup/veritysetup.c | 4 ++-- 7 files changed, 23 insertions(+), 22 deletions(-) diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index 6d3f842dbe..8be9c9acac 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -839,10 +839,7 @@ static int run(int argc, char *argv[]) { log_setup_service(); - crypt_set_log_callback(NULL, cryptsetup_log_glue, NULL); - if (DEBUG_LOGGING) - /* libcryptsetup won't even consider debug messages by default */ - crypt_set_debug_level(CRYPT_DEBUG_ALL); + cryptsetup_enable_logging(cd); umask(0022); @@ -906,7 +903,7 @@ static int run(int argc, char *argv[]) { if (r < 0) return log_error_errno(r, "crypt_init() failed: %m"); - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); status = crypt_status(cd, argv[2]); if (IN_SET(status, CRYPT_ACTIVE, CRYPT_BUSY)) { @@ -1032,7 +1029,7 @@ static int run(int argc, char *argv[]) { if (r < 0) return log_error_errno(r, "crypt_init_by_name() failed: %m"); - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); r = crypt_deactivate(cd, argv[2]); if (r < 0) diff --git a/src/home/homework-luks.c b/src/home/homework-luks.c index b0f237c51b..1eb08e1423 100644 --- a/src/home/homework-luks.c +++ b/src/home/homework-luks.c @@ -238,7 +238,7 @@ static int luks_setup( if (r < 0) return log_error_errno(r, "Failed to allocate libcryptsetup context: %m"); - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); r = crypt_load(cd, CRYPT_LUKS2, NULL); if (r < 0) @@ -338,7 +338,7 @@ static int luks_open( if (r < 0) return log_error_errno(r, "Failed to initialize cryptsetup context for %s: %m", dm_name); - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); r = crypt_load(cd, CRYPT_LUKS2, NULL); if (r < 0) @@ -1335,7 +1335,7 @@ int home_deactivate_luks(UserRecord *h) { else { log_info("Discovered used LUKS device %s.", dm_node); - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); r = crypt_deactivate(cd, dm_name); if (IN_SET(r, -ENODEV, -EINVAL, -ENOENT)) { @@ -1494,7 +1494,7 @@ static int luks_format( if (r < 0) return log_error_errno(r, "Failed to allocate libcryptsetup context: %m"); - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); /* Normally we'd, just leave volume key generation to libcryptsetup. However, we can't, since we * can't extract the volume key from the library again, but we need it in order to encrypt the JSON @@ -2971,7 +2971,7 @@ int home_lock_luks(UserRecord *h) { return log_error_errno(r, "Failed to initialize cryptsetup context for %s: %m", dm_name); log_info("Discovered used LUKS device %s.", dm_node); - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); if (syncfs(root_fd) < 0) /* Snake oil, but let's better be safe than sorry */ return log_error_errno(errno, "Failed to synchronize file system %s: %m", p); @@ -3036,7 +3036,7 @@ int home_unlock_luks(UserRecord *h, PasswordCache *cache) { return log_error_errno(r, "Failed to initialize cryptsetup context for %s: %m", dm_name); log_info("Discovered used LUKS device %s.", dm_node); - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); r = -ENOKEY; FOREACH_POINTER(list, cache->pkcs11_passwords, cache->fido2_passwords, h->password) { diff --git a/src/partition/growfs.c b/src/partition/growfs.c index 98a7e4d31d..2728cb8ba8 100644 --- a/src/partition/growfs.c +++ b/src/partition/growfs.c @@ -56,7 +56,7 @@ static int resize_crypt_luks_device(dev_t devno, const char *fstype, dev_t main_ if (r < 0) return log_error_errno(r, "crypt_init(\"%s\") failed: %m", devpath); - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); r = crypt_load(cd, CRYPT_LUKS, NULL); if (r < 0) @@ -85,9 +85,7 @@ static int maybe_resize_underlying_device(const char *mountpath, dev_t main_devn int r; #if HAVE_LIBCRYPTSETUP - crypt_set_log_callback(NULL, cryptsetup_log_glue, NULL); - if (DEBUG_LOGGING) - crypt_set_debug_level(CRYPT_DEBUG_ALL); + cryptsetup_enable_logging(NULL); #endif r = get_block_device_harder(mountpath, &devno); diff --git a/src/shared/crypt-util.c b/src/shared/crypt-util.c index 20bdc5489e..52bd12bb8d 100644 --- a/src/shared/crypt-util.c +++ b/src/shared/crypt-util.c @@ -4,7 +4,7 @@ #include "crypt-util.h" #include "log.h" -void cryptsetup_log_glue(int level, const char *msg, void *usrptr) { +static void cryptsetup_log_glue(int level, const char *msg, void *usrptr) { switch (level) { case CRYPT_LOG_NORMAL: level = LOG_NOTICE; @@ -25,4 +25,10 @@ void cryptsetup_log_glue(int level, const char *msg, void *usrptr) { log_full(level, "%s", msg); } + +void cryptsetup_enable_logging(struct crypt_device *cd) { + crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + crypt_set_debug_level(DEBUG_LOGGING ? CRYPT_DEBUG_ALL : CRYPT_DEBUG_NONE); +} + #endif diff --git a/src/shared/crypt-util.h b/src/shared/crypt-util.h index c25b11599c..b9f465fbc1 100644 --- a/src/shared/crypt-util.h +++ b/src/shared/crypt-util.h @@ -8,5 +8,5 @@ DEFINE_TRIVIAL_CLEANUP_FUNC(struct crypt_device *, crypt_free); -void cryptsetup_log_glue(int level, const char *msg, void *usrptr); +void cryptsetup_enable_logging(struct crypt_device *cd); #endif diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c index 66b7ec5284..f41d1a0e48 100644 --- a/src/shared/dissect-image.c +++ b/src/shared/dissect-image.c @@ -1277,7 +1277,7 @@ static int decrypt_partition( if (r < 0) return log_debug_errno(r, "Failed to initialize dm-crypt: %m"); - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); r = crypt_load(cd, CRYPT_LUKS, NULL); if (r < 0) @@ -1399,7 +1399,7 @@ static int verity_partition( if (r < 0) return r; - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); r = crypt_load(cd, CRYPT_VERITY, NULL); if (r < 0) diff --git a/src/veritysetup/veritysetup.c b/src/veritysetup/veritysetup.c index e475402d9d..753777b6ad 100644 --- a/src/veritysetup/veritysetup.c +++ b/src/veritysetup/veritysetup.c @@ -73,7 +73,7 @@ static int run(int argc, char *argv[]) { if (r < 0) return log_error_errno(r, "Failed to open verity device %s: %m", argv[4]); - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); status = crypt_status(cd, argv[2]); if (IN_SET(status, CRYPT_ACTIVE, CRYPT_BUSY)) { @@ -124,7 +124,7 @@ static int run(int argc, char *argv[]) { if (r < 0) return log_error_errno(r, "crypt_init_by_name() failed: %m"); - crypt_set_log_callback(cd, cryptsetup_log_glue, NULL); + cryptsetup_enable_logging(cd); r = crypt_deactivate(cd, argv[2]); if (r < 0)